From d3e3123373186420881fc4f42846d24489ebebfa Mon Sep 17 00:00:00 2001
From: Ignacio <igrivero03@gmail.com>
Date: Mon, 1 Apr 2024 20:59:58 -0300
Subject: [PATCH] Fix invalid pointer

---
 salty.c | 24 +++++++++++++++++-------
 1 file changed, 17 insertions(+), 7 deletions(-)

diff --git a/salty.c b/salty.c
index 75dabc9..5b97f28 100644
--- a/salty.c
+++ b/salty.c
@@ -116,7 +116,6 @@ int encryptMessage(const char* inputFile, const char* outputFile, const char* pa
 		// Read input file
 		fprintf(stderr,NOR"Reading input filesize...\n");
 		decLen = fileSize(inFile);
-		fprintf(stderr,OK"File is %d bytes.\n",decLen);
 		decrypted = malloc(decLen);
 
 		if (fread(decrypted,1,decLen,inFile) != decLen) {
@@ -129,7 +128,9 @@ int encryptMessage(const char* inputFile, const char* outputFile, const char* pa
 		fclose(inFile);
 	}
 
-	fprintf(stderr,OK"Input read successfully!\n");
+	size_t encLen = decLen + crypto_secretbox_MACBYTES;
+	fprintf(stderr,OK"File is %d bytes.\n",decLen);
+	fprintf(stderr,OK"Encoding file to %d bytes.\n", encLen);
 	fprintf(stderr,NOR"Beginning encryption...\n");
 
 	// Generate a nonce, write headers and encrypted message
@@ -137,11 +138,11 @@ int encryptMessage(const char* inputFile, const char* outputFile, const char* pa
 	randombytes_buf(nonce,sizeof(nonce));
 
 	// Encrypt the data
-	unsigned char encrypted[decLen + crypto_secretbox_MACBYTES];
+	unsigned char encrypted[encLen];
 	crypto_secretbox_easy(encrypted, decrypted, decLen, nonce, key);
 
 	// Patchy but correct-ish attempt to solve annoying stdout issue
-	size_t totalSize = strlen("gneurshk") + sizeof(salt) + sizeof(nonce) + sizeof(encrypted);
+	size_t totalSize = strlen("gneurshk") + sizeof(salt) + sizeof(nonce) + encLen;
 	size_t offset = 0;
 	unsigned char* outputBuffer = malloc(totalSize);
 	if (outputBuffer == NULL) {
@@ -261,6 +262,12 @@ int decryptMessage(const char* inputFile, const char* outputFile, const char* pa
 
 	size_t encLen = inLen - sizeof(salt) - sizeof(nonce) - 8;
 
+	if (inLen == 0) {
+		fprintf(stderr,ERR"File size is 0. No data.");
+		fclose(outFile);
+		return 1;
+	}
+
 	fprintf(stderr,DBG"Size of encrypted file: %d bytes.\n",inLen);
 	fprintf(stderr,DBG"This means the encrypted content is %d bytes.\n",encLen);
 
@@ -430,10 +437,13 @@ int main(int argc, char *argv[]) {
 	char* password;
 
 	// Set password and run!
-	if (pass == -1) {
-		password = getpass("Enter your encryption password: ");
-	} else {
+	if (pass > 0) {
 		password = argv[pass];
+	} else if (in < 0) {
+		fprintf(stderr,ERR"Cannot read from stdin without a password.\n");
+		return 1;
+	} else {
+		password = getpass("Enter your encryption password: ");
 	}
 
 	if (decrypt) {